mirai | 3254c6ac87104fd34c68c9f12a0085cd772cb7eb909c3c08aad8336f32b98cdd | Triage

Sharing

General

Target

3254c6ac87104fd34c68c9f12a0085cd772cb7eb909c3c08aad8336f32b98cdd.elf
Size

147KB
Sample

241201-crzbvaxrdr
MD5

f6c738f8fde7372f91168a8239a02aa8
SHA1

64f0677fc9f7fa499a2f8c78598b8dd7078af4ee
SHA256

3254c6ac87104fd34c68c9f12a0085cd772cb7eb909c3c08aad8336f32b98cdd
SHA512

c20f19ddd4fd5eced11d737de69eb140ad7924a6e5b94aa3a6f471cd1b7fd967b71f550f503ac4933cee6a3d80a4cd150a9663aedc991c3b4b813834ea43deff
SSDEEP

3072:OiKKvnBnGyClrUn4UloLmpMguHcUgVUHalw7W6uH0JsfCJvhL2TjvEpkBjqBymwX:OiKKvnBnGyirUn4UloLmpMguHcUgVUHq

Score

10^/10

mirai lzrd defense_evasion discovery

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

- Target
  
  3254c6ac87104fd34c68c9f12a0085cd772cb7eb909c3c08aad8336f32b98cdd.elf
- Size
  
  147KB
- MD5
  
  f6c738f8fde7372f91168a8239a02aa8
- SHA1
  
  64f0677fc9f7fa499a2f8c78598b8dd7078af4ee
- SHA256
  
  3254c6ac87104fd34c68c9f12a0085cd772cb7eb909c3c08aad8336f32b98cdd
- SHA512
  
  c20f19ddd4fd5eced11d737de69eb140ad7924a6e5b94aa3a6f471cd1b7fd967b71f550f503ac4933cee6a3d80a4cd150a9663aedc991c3b4b813834ea43deff
- SSDEEP
  
  3072:OiKKvnBnGyClrUn4UloLmpMguHcUgVUHalw7W6uH0JsfCJvhL2TjvEpkBjqBymwX:OiKKvnBnGyirUn4UloLmpMguHcUgVUHq
Score

9^/10

defense_evasion discovery
- Contacts a large (19737) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
- Enumerates running processes
  Discovers information about currently running processes on the system
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery